1. Field of the Invention
The present invention relates to the protection of computer systems. More particularly, the present invention relates to a virus detection system and method.
2. Description of the Related Art
Anti-virus companies are adding memory scanning of known viruses to anti-virus products. There are two types of memory scanning that are available, on demand and on access scanning.
An on demand scanner is one that must be explicitly launched by the user or by a program scheduler. The on demand scheduler scans each process' memory as well as the memory in the kernel space for known viruses. An on access memory scanner scans new programs for known viruses as they are loaded into the memory.
However, because the scanner only searches for known viruses, the scanner may miss any unknown, encrypted, polymorphic, and entry point obscuring viruses.